<?php
class UsersController extends Controller
{
	public function addAction()
	{
		$model = new UsersModel();
		$this->save($model);
	}
	
	public function editAction()
	{
		$model = $this->loadModel();
		$this->save($model);
	}
	
	public function listAction()
	{
		$this->_trashOrRestoreOrDelete('n');
		$this->_list('y');
	}
	
	public function trashAction()
	{
		$this->_trashOrRestoreOrDelete('y');
		$this->_list('n');
	}
	
	protected function _trashOrRestoreOrDelete($user_status)
	{
		$do = trim($this->request->getParam('do', ''));
		if ($do) 
		{
			$model = UsersModel::model();
			if (strcmp($do, 'trashOrRestore') === 0 || strcmp($do, 'delete') === 0)
			{
				$user_id = (int) $this->request->getParam('user_id', 0);
				if ($user_id > 0)
				{
					if (strcmp($do, 'trashOrRestore') === 0)
						$model->updateByPk($user_id, array('user_status' => $user_status));
					else
						$model->deleteByPk($user_id);
				}
			}
			else if (strcmp($do, 'trashOrRestoreAll') === 0 || strcmp($do, 'deleteAll') === 0)
			{
				$user_ids = $this->request->getParam('user_ids');
				if (is_array($user_ids))
				{
					if (strcmp($do, 'trashOrRestoreAll') === 0)
					{
						foreach ($user_ids as $user_id)
							$model->updateByPk($user_id, array('user_status' => $user_status));
					}
					else 
					{
						foreach ($user_ids as $user_id)
							$model->deleteByPk($user_id);
					}
				}
			}
		}
	}
	
	protected function _list($user_status)
	{
		$condition = '';
		$params = array();
		$model = UsersModel::model();
		
		$condition .= 'user_status = ?';
		$params[] = $user_status;
		
		$search = trim($this->request->getParam('search', ''));
		if (strlen($search) > 0)
		{
			$condition .= ' AND user_loginname LIKE ?';
			$params[] = '%' . $search . '%';
		}
		
		$group_id = (int) $this->request->getParam('group_id', 0);
		if ($group_id > 0)
		{ 
			$condition .= ' AND group_id = ?';
			$params[] = $group_id;
		}
		
		$pagelist = $this->getPagelist($model->countByCondition($condition, $params));
		
		$order_by = trim($this->request->getParam('order_by', ''));
		$order_way = strtoupper($this->request->getParam('order_way', 'DSEC'));
		if (strcmp($order_way, 'DESC') !== 0)
			$order_way = 'ASC';
		
		if (strlen($order_by) > 0) 
			$condition .= ' ORDER BY ' . $order_by . ' ' . $order_way;
		
		$condition .= ' LIMIT ?, ?';
		$params[] = $pagelist->startResult;
		$params[] = $pagelist->perPageResults;
		
		$models = $model->findAll($condition, $params);
		$this->view->models = $models;
		$this->view->groups = GroupsModel::model()->findAll();
		
		$this->view->search = $search;
		$this->view->group_id = $group_id;
		$this->view->order_by = $order_by;
		$this->view->order_way = $order_way;
	}
	
	public function loginAction()
	{
		$model = new UsersModel();
		$this->view->users = array();
		
		if ($attributes = $this->request->getPost('users'))
		{
			if (strcmp($_SESSION['verifycodes'], md5(strtoupper($attributes['vcode']))) !== 0)
			{
				$_GET['m'] = '您输入的验证码不正确，请重新输入';
				$_GET['t'] = self::T_ERROR;
			}
			else 
			{
				if ($model->findByAttributes(array('user_loginname' => trim($attributes['user_loginname']), 'user_password' => md5(trim($attributes['user_password'])), 'user_status' => 'y')))
				{
					unset($model->user_password);
					$_SESSION['admin'] = $model;
					$sql = 'UPDATE ' . CDbConfig::getPrefix() . 'session SET user_id = ? WHERE session_id = ?';
					$param = array('user_id' => $model->user_id, 'session_id' => session_id());
					$this->dbStatement->queryBySql($sql, $param);
					$this->forward(array(), '', '');
				}
				else 
				{
					$_GET['m'] = '您输入的用户名或密码不正确';
					$_GET['t'] = self::T_ERROR;
				}
			}
			
			$this->view->users = $attributes;
		}
	}
	
	public function logoutAction()
	{
		$_SESSION['admin'] = null;
		unset($_SESSION['admin']);
		$this->forward(array(), 'login');
	}
	
	protected function save($model)
	{
		if ($attributes = $this->request->getPost('users'))
		{
			$attributes['user_password'] = trim($attributes['user_password']);
			$attributes['user_repassword'] = trim($attributes['user_repassword']);
			$this->view->user_password = $attributes['user_password'];
			$this->view->user_repassword = $attributes['user_repassword'];
			
			if (CControllerConfig::getAction() == 'edit' && strlen($attributes['user_password']) == 0)
			{
				unset($attributes['user_password'], $attributes['user_repassword']);
				$model->rules['user_password']['when'] = $model->rules['user_repassword']['when'] = CModel::INSERT;
				unset($model->user_password);
			}
			
			$model->attributes = $attributes;
			if ($model->save(true, $attributes))
			{
				$params = array(
					'id' => $model->pk,
					'm' => '已成功保存对该用户所作的修改：' . $model->user_loginname, 
					't' => self::T_MESSAGE
				);
				$do = $this->request->getPost('do', 'save');
				if (strcmp($do, 'save') === 0)
					$this->forward($params, 'list');
				else 
					$this->forward($params, 'edit');
			}
			else
			{
				$_GET['m'] = '无法保存该用户的信息：' . $model->getError();
				$_GET['t'] = self::T_ERROR;
			}
			
			$repassword = $attributes['user_repassword'];
		}
		else
			$this->view->user_password = $this->view->user_repassword = '';
		
		$this->view->model = $model;
		$this->view->groups = GroupsModel::model()->findAll('group_id > ?', 1);
	}
}
